[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fSaq4rbLVNhipTFVFdRR0R-5G5gVStJ0Lm3sFKnTs4e4":3},{"article":4,"iocs":54},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":31,"category":32,"article_tags":36},"ad9e6fc6-218c-408e-b4d0-a0950c79617d","Daily Dose of Dark Web Informer - May 6th, 2026","daily-dose-of-dark-web-informer-may-6th-2026-d02042","This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X\u002FTwitter posts.","This is a daily threat intelligence digest from Dark Web Informer covering May 6th, 2026, aggregating multiple security threats including actively exploited zero-days (PAN-OS CVE-2026-0300), critical vulnerabilities (Apache HTTP\u002F2), malware campaigns (CloudZ RAT, Nimrod Stealer), and numerous data breaches across multiple countries. The digest includes IOC feeds, breach notifications, ransomware reports, and security tool releases, presented as a curated daily briefing for security professionals and researchers.","Dark Web Informer daily digest aggregates threat intel including zero-days, breaches, and malware.","Dark Web Informer — Daily Threat Intelligence Digest 🔑 API Access Available High-volume threat intelligence, ransomware data, IOC exports, and comprehensive feed access for security teams and researchers. Explore API → 🔁 Follow across all official platforms — darkwebinformer.com\u002Fsocials 🔥 Advertising Opportunities Reach a highly engaged audience of 75,300+ unique users monthly and growing. View details 75.3k Unique Visitors 154.1k Pageviews Last 30 days as of Mar 30, 2026. Next update Apr 30th. 🔒 Unlock Premium Intelligence Real-time breach tracking, expert analysis, high-resolution evidence, unredacted feeds, and 5,100+ blog posts. View all plans and features on the pricing page. View Plans & Subscribe → 📌 Legend 📰Law Enforcement — LEA updates, investigations ⚠️Dark Web Notices — forums, markets, announcements ❗️Urgent Threats — breaches, ransomware, vulnerabilities 💡Insights & Tools — guides, OSINT, learning resources 🔒Subscribers Only — X\u002FTwitter subscribe 🧾 Today's Intelligence Threat Intelligence 📰 Palo Alto Networks Warns of Actively Exploited PAN-OS Zero-Day Granting Root Access FREE 📰 Critical Apache HTTP\u002F2 Double-Free Flaw Enables Denial-of-Service and Potential Remote Code Execution FREE 📰 52.3 Bitcoin and a Suburban Search Warrant: Inside One of Australia's Biggest Crypto Seizures FREE 📰 CloudZ RAT: A Stealthy New Trojan Hijacks Microsoft Phone Link to Steal Your SMS OTPs FREE X\u002FTwitter Updates ❗️ TomodachiShare allegedly exposing 145K user accounts ❗️ CAF (Caisse d'Allocations Familiales) allegedly breached exposing 22 million records ❗️ KGI (http:\u002F\u002Fkgi.com.hk) allegedly breached exposing 5M+ Hong Kong stock investor records ❗️ Croesus (http:\u002F\u002Fcroesus.com) allegedly breached exposing 19,220 Canadian user records ❗️ IUNGO Cloud (http:\u002F\u002Fiungo.cloud) allegedly leaked exposing 21M corporate email addresses ❗️ Määrdekeskus allegedly breached exposing customer and affiliate records from the Estonian lubricant retailer ❗️ Instituto Consorcio Clavijero allegedly breached exposing 39,000 student records from the Veracruz education platform ❗️ VIP Buenaventura allegedly leaked exposing 70,000 user records from the Colombian taxi app ❗️ CEMIG allegedly breached exposing a 190GB Watson instance dump from the Brazilian energy utility ❗️ https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2052074824629985734?s=20 💡 I am moving up the release of the IOC Live Feed and History Feed to tomorrow instead of Friday. There will be 30-60 minutes of downtime. I will let everyone know before the cutover. ❗️ Over 24 million Mexican civilian records allegedly leaked across two combined files 💡 XForums is currently offline. 💡 The Register is reporting that Arctic Wolf has laid off 250 employees to save money for AI ❗️ Nuclei template for fingerprinting the PAN-OS CVE-2026-0300 zero-day: ❗️ 1\u002F2 Argentine government and http:\u002F\u002Fcrónica.com allegedly breached exposing 80M credentials and sensitive admin data 💡 Anthropic has agreed to a partnership with @SpaceX that will increase their compute capacity. ❗️ CACPE Pastaza allegedly breached exposing 18 million Ecuadorian civil registry records via an unprotected API ❗️ Nimrod Stealer source code allegedly shared on a hacking forum for credential and browser data theft 💡 I am currently building the historical feed... ❗️ SAFEPAY Ransomware Claims 9 Victims ❗️ NRJ Mobile allegedly leaked exposing 266K customer records from the French MVNO ❗️ TransmiteNota allegedly leaked exposing 20 million records from the Brazilian e-invoicing platform ❗️ Leroy Merlin France allegedly leaked exposing 367,462 loyalty program records ❗️ Systemd Backdoor: A simple script to automate systemd backdoor ❗️ Marlon Ferro, who went by the online handle \"GothFerrari,\" has been sentenced to","https:\u002F\u002Fdarkwebinformer.com\u002Fdaily-dose-of-dark-web-informer-may-6th-2026\u002F","https:\u002F\u002Fstorage.ghost.io\u002Fc\u002F6b\u002F16\u002F6b16ac9c-cd67-432f-b0f3-bbec941084ff\u002Fcontent\u002Fimages\u002Fsize\u002Fw1200\u002F2026\u002F02\u002F23597862398746923879872364987342598723.png","2026-05-06T22:26:34+00:00","2026-05-06T23:00:12.326+00:00",8,[18,21,23,25,28],{"name":19,"type":20},"PAN-OS","product",{"name":22,"type":20},"Apache HTTP\u002F2",{"name":24,"type":20},"Microsoft Phone Link",{"name":26,"type":27},"Palo Alto Networks","vendor",{"name":29,"type":30},"Dark Web Informer Daily Digest","campaign","e7b231c8-5f79-4465-8d38-1ef13aea5a14",{"id":31,"icon":33,"name":34,"slug":35},null,"Threat Intelligence","threat-intelligence",[37,42,47,52],{"category":38},{"id":39,"icon":33,"name":40,"slug":41},"2e06f76c-d5b9-4f54-9eef-4d3447b10730","Breaches","breaches",{"category":43},{"id":44,"icon":33,"name":45,"slug":46},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":48},{"id":49,"icon":33,"name":50,"slug":51},"89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5","Malware","malware",{"category":53},{"id":31,"icon":33,"name":34,"slug":35},[55,59,62,65,68],{"type":56,"value":57,"context":58},"cve","CVE-2026-0300","PAN-OS zero-day granting root access, actively exploited",{"type":51,"value":60,"context":61},"CloudZ RAT","Stealthy trojan hijacking Microsoft Phone Link to steal SMS OTPs",{"type":51,"value":63,"context":64},"Nimrod Stealer","Source code allegedly shared on hacking forum for credential and browser data theft",{"type":51,"value":66,"context":67},"SAFEPAY Ransomware","Ransomware campaign claiming 9 victims",{"type":51,"value":69,"context":70},"Systemd Backdoor","Script to automate systemd backdoor attacks"]